This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.

Introducing CAS authentication

Dec 12th, 2012, 01:54 AM

I adapted my web application to Spring and now I have the following doubt. The application used CAS for authentication. Configuring a CAS client without Spring is so easy, because it implies introducing some lines in web.xml. However, with my spring application this doesnt work.

I do not have any experience with Spring, so my question is if it is neccesary to introduce Spring Security in my application and then specifically for CAS, and if there is any good guide for this work.

I adapted my web application to Spring and now I have the following doubt. The application used CAS for authentication. Configuring a CAS client without Spring is so easy, because it implies introducing some lines in web.xml. However, with my spring application this doesnt work.

I do not have any experience with Spring, so my question is if it is neccesary to introduce Spring Security in my application and then specifically for CAS, and if there is any good guide for this work.

It will take you a few more lines of configuration to get your application to use spring security with cas. But that configuration is still externalized in an xml file.

Personal opinion is that if the only reason you're looking at spring security is to interface with CAS - I wouldn't go down that path. But spring security has many other features that are commonly required for web development.